Essential Protection

Directory Filter

InboundOutbound

The Directory Filter rejects incorrectly addressed emails in accordance with RFC. As a result, the processing time of incoming and outgoing emails is significantly faster. Valid addresses are automatically and regularly reconciled with customer systems.

More info

Furthermore, senders, who appear conspicuous because of attack attempts due to denial of service and directory harvesting attacks, are assigned to a special classification and thus accepted in delay (traffic throttling mechanisms).

Inbound reputation management

InboundOutbound

Along with using Directory Filter functions, the reputation of the senders of incoming emails are checked. An evaluation for sender authorization by validating the SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) is carried out. Classified emails that do not pass validation are isolated in a quarantine.

External Sender
Visibility Enhancement

InboundOutbound

External Sender Visibility Enhancement flags incoming emails sent by an external sender pretending to have the same sender domain as that of the recipient’s company network (spoofing). This feature makes it easier to detect spoofed sender addresses.

More info

Validation of incoming emails (external relay) that use a customer domain in the sender address (MIME-FROM)

Flagging of suspicious emails with visual indicators such as pre-defined Unicode characters or text at the beginning of the sender field (friendly name)

External Sender Visibility Enhancement

Phishing Filter

InboundOutbound

The Phishing Filter scans incoming emails in real time for phishing scams. Those in question are either moved to quarantine and flagged as «phishing» or deleted.

Attachment Blocker

InboundOutbound

The Attachment Blocker prevents the receipt of files attached to incoming emails that match criteria defined by the customer. These are files that should be prevented from reaching the company infrastructure, for example .exe, .zip, or Office files with macros.

Administration & Analysis

Directory Synchronization

InboundOutbound

In addition to manually maintaining addresses in the Retarus EAS Portal, Automated Directory Synchronization can reconcile addresses automatically with the customer’s address book and directory services.

Access Management

InboundOutbound

With Access Management in the Retarus Enterprise Administration Services Portal (Retarus EAS Portal), access rights for administrators can be assigned flexibly and according to requirements for e.g. countries, subsidiaries, domains, or departments.

Granular, hierarchical rights concept for administrators

Flexible assignment of access rights to e.g. configurations and evaluations

Email Live Search

InboundOutbound

Email Live Search provides detailed results on the status of individual emails in real time. This search function makes it easier to find emails, simplifies the analysis of delivery delays, and supports IT forensics. For example, the help desk can release emails marked as graymail to users from within user guidance.

Monitoring & Reporting

InboundOutbound

In addition to easy management of service instances and user profiles 24/7, the web-based Retarus Enterprise Administration Services Portal (Retarus EAS Portal) offers information about the effectiveness of Retarus Email Security Services. All reporting and monitoring information can be downloaded in a prepared format, offering process transparency that is unique to the market.

Additional Options

Quiet Time

InboundOutbound

Quiet Time allows you to define periods during which employees do not receive external emails, for example, during free time and on weekends. It allows you to define periods during which emails are not delivered to inboxes so that email servers can undergo maintenance.

More info

Configure email-free periods (external emails)

Individual settings for different user profiles

Secure temporary storage of emails in Retarus data centers

Automatic delivery of emails after defined periods expire

Bypass function for high-priority emails

Emergency button for immediate delivery of emails during email-free periods

Quiet Time

Inbox Assist

InboundOutbound

Retarus Inbox Assist gives executives, managing directors, department heads, and assistant-supported teams the ability to forward incoming emails automatically to assistants, either exclusively or in copy. This means business correspondence can be presorted and processed immediately. The inbox remains organized and confidential emails remain confidential.

More info

Exclusion of defined senders from forwarding for more privacy

Immediate delivery of emails from important contacts overrides assistant forwarding

Email Signature

InboundOutbound

According to statutory requirements, business emails must contain signatures, just as they are required for customary business letters in commercial correspondence. Required information includes data that is often changed, such as telephone numbers. Retarus Email Signature helps create and centrally manage signatures and disclaimers quickly and efficiently.

Advanced Threat Protection (ATP)

Deferred Delivery Scan

InboundOutbound

As part of Deferred Delivery Scan (DDS), defined file attachments undergo further analysis using additional re-scan procedures. The delay means that signatures for the engines, which were not there at the time of the initial scan, could exist in the new malware at the time of the quadruple Retarus AntiVirus MultiScan rescan. DDS performs multiple re-scans within a short amount of time. If a virus is detected, Retarus deletes the affected files and informs the intended recipient.

Sandboxing

InboundOutbound

Sandboxing subjects specific file attachments to an in-depth analysis. Attachments that contain potentially malicious code (e.g. files and active elements) are exported to a virtual machine and checked for unusual behavior. Retarus uses a sandboxing solution from the specialized and highly respected third-party provider Palo Alto Networks for this advanced threat assessment. Emails identified as infected are either deleted or quarantined, and the intended recipient is notified.

More info

In-depth checks of email attachments through export to virtual machines

Integration of a leading third-party sandboxing solution (Palo Alto) in Retarus Email Security

Time-of-Click Protection

InboundOutbound

Time-of-Click Protection automatically re-writes links (URLs) in emails. When recipients click on these links, the links are checked for suspected phishing target addresses. If the target site is not identified as a phishing site, the user is sent directly to it. If the target site is a phishing site, a security warning is issued.

More info

Real-time checks of web links in emails

Expanded protection from phishing attacks

Effective blocking of phishing websites and warnings for affected users

Postdelivery Protection

Patient Zero Detection®

InboundOutbound

A malware’s signature is still unknown the first time it appears, even to the best virus scanners. In combination with quadruple AntiVirus MultiScan, Patient Zero Detection® uses a digital fingerprint to identify emails containing malware that have already been delivered. Relevant alerts are sent according to customer settings. This way, appropriate defensive actions can be taken as quickly as possible.

More info

Identification of the recipient (patient zero) of malicious emails already delivered using a digital fingerprint.

Identification using content analysis together with quadruple AntiVirus MultiScan

PZD Reacting Process

More info

Detailed, standardized information via administrator notification to support automatic processes used to remove emails from the server

Configurable text for alerts (enables the distribution of behavior recommendations that are easy to understand and can be quickly implemented)

Reduces the administrative work for IT forensics, support, and the help desk

Increases protection through swift response to identified emails

Information Protection & Compliance

Email Encryption/Decryption

InboundOutbound

Outbound emails are transferred from the customer’s email server to Retarus. Emails are identified in Retarus data centers, fully encrypted using customer-specific rules, signed as needed and sent securely to the recipient. This means that the email and all of its file attachments are encrypted.

Optional VPN connection for secure and confidential communication over the «last mile»

Web email portal or password-protected PDF for encrypted communication with recipients without their own encryption solution

Company-wide standardized solution that can be expanded as needed

No software and hardware installation required

Email Encryption

Data Loss Prevention

InboundOutbound

Data Loss Prevention checks emails addressed to external recipients sent by the customer’s users (as part of configuration) for defined patterns, e.g. credit card numbers or bank account numbers (IBAN). If an email contains this type of pattern, it is not sent to external recipients and the sender is notified.

More info

Furthermore, certain employees, e.g. an administrator or compliance officer, can be informed of the delivery attempt. The affected email is quarantined. In addition, a monitoring entity for all outbound emails is created, for example, a role-based inbox. Senders must be added to the distribution list to be able to send emails.

Support for observance of compliance regulations through an expanded monitoring entity for sending emails

Enterprise Email Archive

InboundOutbound

Enterprise Email Archive offers tamper-proof archiving of business email correspondence. Archived emails cannot be changed, are protected from unauthorized access, and can be found in milliseconds even when the email volume is large.

More info

Automatic archiving of internal and external email correspondence including attachments

Encrypted storage of each individual email in original format (MIME) including attachments (used of own certificates possible)